[youdounderstand]

I'm surprised by the backlash against telemetry on HN. How else are you supposed to improve reliability of software used on tens of millions of devices with an ear infinite number of hardware and software permutations?

[vetinari]

The telemetry data isn't yours. It belongs to the user and exfiltrating it without user's permissions or even knowledge puts your software at the spyware level.

Do you really want your software to be considered spyware?

[r1ch]

When such telemetry exposes the names of programs you are running and is sent unencrypted, it's a big deal. Coupled with very specific hardware information, this could easily be used to track TOR users for example.

[andromeduck]

Doubt it's tracking all applications. Probably only GPU heavy ones like games, CAD and creative tools like Photoshop and Premiere.

[voltagex_]

Except to make that kind of statement you need to back it up with evidence. From one of the other articles it looks like they now use TLS so you'll need your own MITM cert and Wireshark.

[shostack]

By at least allowing the user to opt out.

[wolfgke]

> By at least allowing the user to opt out.

Rather: by requiring the user to opt in.

[shostack]

Don't get me wrong--I'd much prefer opt-in. I don't think that's realistic though given their leverage and what they are trying (in theory) to do with this data.

However to not provide an opt-out is a slap in the face to those who know enough to care. And it is an increasingly common trend that is very concerning.

[monochromatic]

And yet, people do.